CN102710601B - Method for security encryption and signing based on identity file - Google Patents
Method for security encryption and signing based on identity file Download PDFInfo
- Publication number
- CN102710601B CN102710601B CN201210132720.4A CN201210132720A CN102710601B CN 102710601 B CN102710601 B CN 102710601B CN 201210132720 A CN201210132720 A CN 201210132720A CN 102710601 B CN102710601 B CN 102710601B
- Authority
- CN
- China
- Prior art keywords
- client
- information
- file
- server end
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method for security encryption and signing based on an identity file. The method includes: obtaining configuration information of basic setting of a client and configuration information of advanced encryption standard setting of the client; registering and applying the identity file applicable to a mailbox at a server end; downloading data information of the identity file through the client; obtaining type information of a task to be executed selected by the client; and performing encryption and decryption to files through the client according to the identity file. By the method, important data of a user can be protected from being viewed or modified, safe communication on an originally unsafe channel can be achieved, and denial behaviors after using the user's identity to receive and transmit information can be avoided.
Description
Technical field
The present invention relates to a kind of software systems, particularly relate to a kind of safety encipher and endorsement method of identity-based file.
Background technology
This year; along with the high speed development of the Internet; people start to get more and more, more and more deep understanding and study the Internet knowledge; network is providing people easily simultaneously; but there is a lot of potential safety hazards; the file of the transmission of people and information usually can be revealed and be stolen, and bring very large inconvenience to the life of people, study and work.
Although the encryption and decryption mode of current file has a variety of, the coefficient of safety of these methods is not high, and insecure channels carries out file transfer, still there is the possibility revised by people and steal, so people need more satisfactoryly to ask valency encrypting and deciphering system.
Summary of the invention
The present invention, mainly for the deficiencies in the prior art, provides safety encipher and the endorsement method of a kind of fail safe identity-based file high, simple to operate.
To achieve these goals, the invention provides following technical scheme:
The safety encipher of identity-based file and an endorsement method, its step comprises:
Obtain the configuration information of the basic setup of client and the configuration information of Advanced Encryption Standard setting;
Register at server end and apply for an identification document being applicable to mailbox;
Client downloads also obtains the data message of described identification document;
Obtain the task kind of information of the needs execution selected in client;
According to the information of identification document, client is encrypted or decryption processing file.
As a preferred embodiment of the present invention, the configuration information of described basic setup comprises the kind of the verification algorithm that have employed SHA.
As a preferred embodiment of the present invention, the configuration information that described Advanced Encryption Standard is arranged comprises key length and operator scheme.
As a preferred embodiment of the present invention, described task kind comprises encrypt file and signature and declassified document certifying signature.
As a preferred embodiment of the present invention, describedly register at server end and apply for that the concrete steps being applicable to the identification document of mailbox comprise:
Server end obtains user name, password, Email, the information of identifying code and the approval information of user license agreement in enrollment form;
Carry out the location registration process of server end;
After succeeding in registration, be redirected to server end login interface;
Server end obtains and checking log-on message, and logs in;
After logining successfully, server end obtains and the application information of identity verification file;
Server end processes application information, and generates identification document;
Server end sends application information to client.
As a preferred embodiment of the present invention, the described information according to identification document, client is encrypted file or the concrete steps of decryption processing comprise:
If Choice encryption file is also signed, client obtains the file needing encryption;
Client obtains the Email of recipient, encryption method, storing path and digital signature information;
Client obtains corresponding identification document information;
Client is encrypted described file;
If select declassified document and certifying signature, client obtains the cryptograph files that will decipher;
Client obtains and the information of identity verification file;
Judge whether cryptograph files comprises digital signature, if comprise digital signature, cryptograph files is verified;
Obtain the preservation position of cryptograph files, and process is decrypted to cryptograph files.
As a preferred embodiment of the present invention, described encryption method comprises Advanced Encryption Standard and stream encryption algorithm.
As can be seen from technique scheme, the safety encipher of identity-based file of the present invention and endorsement method, can help user to protect significant data thus do not checked or revise, and can realize secure communication on this unsafe channel; Meanwhile, can also prevent with the behavior denied after user's name sending and receiving information.
Accompanying drawing explanation
Fig. 1 the present invention is based on the safety encipher of identification document and the structural representation of endorsement method one preferred embodiment.
Embodiment
Below in conjunction with accompanying drawing, preferred embodiment of the present invention is described in detail, can be easier to make advantages and features of the invention be readily appreciated by one skilled in the art, thus more explicit defining is made to protection scope of the present invention.
Consult Fig. 1, Fig. 1 the present invention is based on the safety encipher of identification document and the structural representation of endorsement method one preferred embodiment.
The safety encipher of identity-based file and an endorsement method, its step comprises: obtain the configuration information of the basic setup of client and the configuration information of Advanced Encryption Standard setting; Register at server end and apply for an identification document being applicable to mailbox; Client downloads also obtains the data message of described identification document; Obtain the task kind of information of the needs execution selected in client; According to the information of identification document, client is encrypted or decryption processing file.
The configuration information of described basic setup comprises the kind of the verification algorithm that have employed SHA, a kind of can calculating corresponding to a digital massage of SHA (Secure Hash Algorithm) is arrived, the algorithm of the character string (also known as eap-message digest) that length is fixing, like this can according to the different demand of people, select different verification algorithms, easy for people to use.
The configuration information that described Advanced Encryption Standard is arranged comprises key length and operator scheme.
Described task kind comprises encrypt file and signature and declassified document certifying signature, the encryption and decryption process of file is separated, the more convenient choice and operation of people.
Describedly register at server end and apply for that the concrete steps being applicable to the identification document of mailbox comprise: server end obtains information and the user of user name, password, Email, identifying code in enrollment form
The approval information of permission agreement; Carry out the location registration process of server end; After succeeding in registration, be redirected to server end login interface; Server end obtains and checking log-on message, and logs in; After logining successfully, server end obtains and the application information of identity verification file; Server end processes application information, and generates identification document; Server end sends application information to client.The identification document applying for obtaining can be made so safer, prevent from being intercepted and captured by people in transmission diagram and revising.
The described information according to identification document, client is encrypted file or the concrete steps of decryption processing comprise:
If Choice encryption file is also signed, client obtains the file needing encryption; Client obtains the Email of recipient, encryption method, storing path and digital signature information; Client obtains corresponding identification document information; Client is encrypted described file.
If select declassified document and certifying signature, client obtains the cryptograph files that will decipher; Client obtains and the information of identity verification file; Judge whether cryptograph files comprises digital signature, if comprise digital signature, cryptograph files is verified; Obtain the preservation position of cryptograph files, and process is decrypted to cryptograph files.
By digital signature, the integrality of file is easy to checking, also ensure that others can not falsely use your identity transmission file simultaneously.
Described encryption method comprises Advanced Encryption Standard and stream encryption algorithm.
The safety encipher of identity-based file of the present invention and endorsement method, can help user to protect significant data thus do not checked or revise, and can realize secure communication on this unsafe channel; Meanwhile, can also prevent with the behavior denied after user's name sending and receiving information.
The above; be only the embodiment of the preferred embodiment of the present invention; but protection scope of the present invention is not limited thereto; any those of ordinary skill in the art are in the technical scope disclosed by the present invention; the change can expected without creative work or replacement, all should be encompassed within protection scope of the present invention.
Claims (6)
1. the safety encipher of identity-based file and an endorsement method, it is characterized in that, step comprises:
Obtain the configuration information of the basic setup of client and the configuration information of Advanced Encryption Standard setting;
Register at server end and apply for an identification document being applicable to mailbox;
Client downloads also obtains the information of described identification document;
Obtain the task kind of information of the needs execution selected in client;
According to the information of identification document, client is encrypted or decryption processing file, and concrete steps comprise:
If Choice encryption file is also signed, client obtains the file needing encryption;
Client obtains the Email of recipient, encryption method, storing path and digital signature information;
Client obtains the information of corresponding identification document;
Client is encrypted described file;
If select declassified document and certifying signature, client obtains the cryptograph files that will decipher;
Client obtains and the information of identity verification file;
Judge whether cryptograph files comprises digital signature, if comprise digital signature, cryptograph files is verified;
Obtain the preservation position of cryptograph files, and process is decrypted to cryptograph files.
2. the safety encipher of identity-based file according to claim 1 and endorsement method, it is characterized in that, the configuration information of described basic setup comprises the kind of the verification algorithm that have employed SHA.
3. the safety encipher of identity-based file according to claim 1 and endorsement method, is characterized in that, the configuration information that described Advanced Encryption Standard is arranged comprises key length and operator scheme.
4. the safety encipher of identity-based file according to claim 1 and endorsement method, is characterized in that, described task kind comprises encrypt file and signature and declassified document certifying signature.
5. the safety encipher of identity-based file according to claim 1 and endorsement method, is characterized in that, describedly registers at server end and apply for that the concrete steps being applicable to the identification document of mailbox comprise:
Server end obtains user name, password, Email, the information of identifying code and the approval information of user license agreement in enrollment form;
Carry out the location registration process of server end;
After succeeding in registration, be redirected to server end login interface;
Server end obtains and checking log-on message, and logs in;
After logining successfully, server end obtains and the application information of identity verification file;
Server end processes application information, and generates identification document;
Server end sends application information to client.
6. the safety encipher of identity-based file according to claim 1 and endorsement method, it is characterized in that, described encryption method comprises Advanced Encryption Standard and stream encryption algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210132720.4A CN102710601B (en) | 2012-05-03 | 2012-05-03 | Method for security encryption and signing based on identity file |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210132720.4A CN102710601B (en) | 2012-05-03 | 2012-05-03 | Method for security encryption and signing based on identity file |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102710601A CN102710601A (en) | 2012-10-03 |
| CN102710601B true CN102710601B (en) | 2015-07-22 |
Family
ID=46903157
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210132720.4A Expired - Fee Related CN102710601B (en) | 2012-05-03 | 2012-05-03 | Method for security encryption and signing based on identity file |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102710601B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104618120B (en) * | 2015-03-04 | 2018-01-23 | 青岛微智慧信息有限公司 | A kind of mobile terminal key escrow digital signature method |
| CN109729088B (en) * | 2018-12-29 | 2022-01-25 | 广东盈世计算机科技有限公司 | Mail processing method |
| CN109756343B (en) * | 2019-01-31 | 2021-07-20 | 平安科技(深圳)有限公司 | Authentication method and device for digital signature, computer equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1602601A (en) * | 2001-10-12 | 2005-03-30 | Geo信托有限公司 | Methods and systems for automated authentication, processing and issuance of digital certificates |
| CN1835434A (en) * | 2006-04-10 | 2006-09-20 | 北京易恒信认证科技有限公司 | Electronic mail system and method based on CPK safety authentication |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7395430B2 (en) * | 2001-08-28 | 2008-07-01 | International Business Machines Corporation | Secure authentication using digital certificates |
-
2012
- 2012-05-03 CN CN201210132720.4A patent/CN102710601B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1602601A (en) * | 2001-10-12 | 2005-03-30 | Geo信托有限公司 | Methods and systems for automated authentication, processing and issuance of digital certificates |
| CN1835434A (en) * | 2006-04-10 | 2006-09-20 | 北京易恒信认证科技有限公司 | Electronic mail system and method based on CPK safety authentication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102710601A (en) | 2012-10-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3869730B1 (en) | Confidential communication management | |
| CN111512608B (en) | Trusted execution environment based authentication protocol | |
| US9197420B2 (en) | Using information in a digital certificate to authenticate a network of a wireless access point | |
| CN105025019B (en) | A kind of data safety sharing method | |
| CN108199847B (en) | Digital security processing method, computer device, and storage medium | |
| CN112597523B (en) | File processing method, file conversion encryption machine, terminal, server and medium | |
| JP2014527787A (en) | Communication method for authentication using fingerprint information | |
| CN108809936B (en) | Intelligent mobile terminal identity verification method based on hybrid encryption algorithm and implementation system thereof | |
| CN109362074A (en) | The method of h5 and server-side safety communication in a kind of mixed mode APP | |
| CN110071937B (en) | Login method, system and storage medium based on block chain | |
| CN113114668A (en) | Information transmission method, mobile terminal, storage medium and electronic equipment | |
| CN102404337A (en) | Data encryption method and device | |
| CN104253801A (en) | Method, device and system for realizing login authentication | |
| CN103338106A (en) | Methods and devices for ciphering and deciphering file | |
| CN114143082A (en) | Encryption communication method, system and device | |
| CN104468478A (en) | Mail encryption method | |
| GB2501069A (en) | Authentication using coded images to derive an encrypted passcode | |
| CN104270380A (en) | End-to-end encryption method and system based on mobile network and communication client side | |
| WO2018033017A1 (en) | Terminal state conversion method and system for credit granting | |
| CN105871858A (en) | Method and system for ensuring high data safety | |
| ES2926968T3 (en) | A first entity, a second entity, an intermediate node, methods for establishing a secure session between a first and a second entity, and software products | |
| CN102710601B (en) | Method for security encryption and signing based on identity file | |
| CN105022962A (en) | Encryption protection method of network hard disk data content | |
| CN113630412A (en) | Resource downloading method, resource downloading device, electronic equipment and storage medium | |
| CN104394532A (en) | Anti-brute force safe log-in method for mobile terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20150722 Termination date: 20210503 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |